<?php
	require_once ($_SERVER['DOCUMENT_ROOT']."/Auditing/data/config.php");
	require_once ($_SERVER['DOCUMENT_ROOT']."/Auditing/data/DBConn.php");
	
	
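	/**
	 * Data access for the admin user-management pages: creates, lists, reads and
	 * updates rows in ota_users and the per-user page grants in ota_role.
	 *
	 * Security notes for maintainers:
	 *  - Every value that reaches SQL is either escaped with
	 *    mysql_real_escape_string() (strings) or validated as an integer
	 *    (identifiers). Escaping is connection-charset dependent; this assumes
	 *    the link opened by DBConn.php has its charset set correctly. TODO confirm.
	 *  - ext/mysql has no prepared statements. Migrating to PDO or mysqli with
	 *    bound parameters is the durable fix.
	 *  - NOTE(security): passwords are stored as unsalted md5(). That is kept
	 *    here only because the login check and column width are not visible in
	 *    this file. Move to password_hash()/password_verify() together with the
	 *    login code.
	 *  - No authorization check happens in this class. Callers must restrict
	 *    these methods to administrators.
	 *  - Multi-statement writes are not wrapped in a transaction, so a failure
	 *    part-way through leaves partial state.
	 */
	Class UserController{

		/**
		 * Abort the request after a failed query.
		 *
		 * The driver error goes to the server log only. Echoing mysql_error()
		 * to the client discloses schema and query details.
		 */
		private function failQuery(){
			error_log('UserController: query failed: ' . mysql_error());
			die('Invalid query');
		}

		/**
		 * Validate that $value is an integer (or integer string) and return it
		 * as an int. Terminates the request otherwise, so a malformed
		 * identifier never reaches SQL.
		 */
		private function requireInt($value){
			$id = filter_var($value, FILTER_VALIDATE_INT);
			if ($id === false) {
				die('Invalid identifier');
			}
			return $id;
		}

		/**
		 * Validate every element of $values as an integer.
		 *
		 * @return array list of ints (empty when $values is null or empty)
		 */
		private function requireIntList($values){
			$ids = array();
			foreach ((array) $values as $value) {
				$ids[] = $this->requireInt($value);
			}
			return $ids;
		}

		/**
		 * Insert one ota_role row per page id for the given user.
		 * Both arguments must already be validated integers.
		 */
		private function insertRoles($userId, $pageIds){
			foreach ($pageIds as $pageId) {
				$query = "insert into ota_role (page_id,user_id) values (".$pageId.",".$userId.")";
				if (!mysql_query($query)) {
					$this->failQuery();
				}
			}
		}

		/**
		 * Create a user and grant it access to the given pages.
		 *
		 * @param string $user_name login name (escaped before use in SQL)
		 * @param string $password  clear-text password, stored as md5 (see class note)
		 * @param array  $pages     page ids to grant; each must be an integer
		 * @return int 1 on success; the request is terminated on any failure
		 */
		public function createUser($user_name,$password,$pages){

			// Validate before the first write so bad input cannot leave a
			// half-created account behind.
			$pageIds = $this->requireIntList($pages);

			$query = "insert into ota_users (user_name,password) values('"
				. mysql_real_escape_string((string) $user_name) . "','" . md5($password) . "')";

			if (!mysql_query($query)) {
				$this->failQuery();
			}

			// Prefer the id generated on this connection: "max(user_id)" can
			// return another session's row under concurrent inserts, which
			// would attach these grants to the wrong account.
			$user_id = (int) mysql_insert_id();

			if ($user_id === 0) {
				// user_id is presumably AUTO_INCREMENT; if it is not, fall back
				// to the original lookup. TODO confirm against the schema.
				$result = mysql_query("Select max(user_id) from ota_users");
				if (!$result) {
					$this->failQuery();
				}
				while ($row = mysql_fetch_assoc($result)) {
					$user_id = (int) $row['max(user_id)'];
				}
			}

			$this->insertRoles($user_id, $pageIds);

			return 1;
		}

		/**
		 * Render all users as HTML table rows (index, name, edit link).
		 *
		 * @return string concatenated <tr> markup; empty string when there are no users
		 */
		public function getUsers(){

			$result = mysql_query("select user_id,user_name from ota_users");

			if (!$result) {
				$this->failQuery();
			}

			$evenClass = "TableRowEven";
			$oddClass = "TableRowOdd";
			$td = "";
			$i = 1;

			while ($row = mysql_fetch_array($result)) {

				$classSel = ($i % 2 == 0) ? $evenClass : $oddClass;

				// user_name is user-supplied data: encode it for HTML output.
				// Charset is left to the PHP default; confirm it matches the page encoding.
				$name = htmlspecialchars($row[1], ENT_QUOTES);
				$anchor = "<a href='../../view/admin/UserMgmt.php?operation=update&user_id=".(int) $row[0]."'>";

				$td .= "<tr>";
				$td .= "<td class='".$classSel."' >". $i ."</td>";
				$td .= "<td class='".$classSel."' >". $name . "</td>";
				// 'Edit' was a bare constant in the original, which is an error on current PHP.
				$td .= "<td class='".$classSel."' >".$anchor. 'Edit' . "</a></td>";
				$td .= "</tr>";
				$i++;
			}

			return $td;
		}

		/**
		 * Fetch name, password hash and granted pages for one user.
		 *
		 * NOTE(security): the result set includes users.password. The column is
		 * kept so positional readers keep working; callers should not render it.
		 *
		 * @param int|string $userId user id; must be an integer
		 * @return resource mysql result set (one row per granted page)
		 */
		public function getUsersData($userId){

			$userId = $this->requireInt($userId);

			$query= "select ".
					"users.user_name, ".
					"page.page_id, ".
					"users.password, ".
					"page.description ".
					"from ".
					"ota_users users, ".
					"ota_page page, ".
					"ota_role roles ".
					"where ".
					"users.user_id=roles.user_id ".
					"and ".
					"roles.page_id=page.page_id ".
					"and ".
					"users.user_id=".$userId;

			$result = mysql_query($query);
			if (!$result) {
				$this->failQuery();
			}
			return $result;
		}

		/**
		 * Update a user's name and password and replace its page grants.
		 *
		 * @param string     $user_name new login name (escaped before use in SQL)
		 * @param string     $password  clear-text password, stored as md5 (see class note)
		 * @param array      $pages     page ids to grant; each must be an integer
		 * @param int|string $userId    user id; must be an integer
		 * @return int 1 on success; the request is terminated on any failure
		 */
		public function updateUsers($user_name,$password,$pages,$userId){

			// Validate everything up front: the existing grants are deleted
			// below, so rejecting a bad page id afterwards would strip the user
			// of all access.
			$userId = $this->requireInt($userId);
			$pageIds = $this->requireIntList($pages);

			$query = "update ota_users set user_name='" . mysql_real_escape_string((string) $user_name)
				. "',password='" . md5($password) . "' where user_id=" . $userId;

			if (!mysql_query($query)) {
				$this->failQuery();
			}

			if (!mysql_query("delete from ota_role where user_id=".$userId)) {
				$this->failQuery();
			}

			$this->insertRoles($userId, $pageIds);

			return 1;
		}


	}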
?>